A Russian security company claims it found a way to beat a security measure in Microsoft's Windows XP Service Pack 2, a major update aimed at securing customers' PCs.
The SP2 measure, known as Data Execution Protection, is intended to prevent would-be attackers from inserting rogue code into a PC's memory and tricking Windows into running the program. However, in a paper published Friday, Moscow-based Positive Technologies said two minor mistakes in the implementation of the technology allow a knowledgeable programmer to sidestep the protection.
The company notified Microsoft of the problem Dec. 22, but it apparently decided not to wait for the software giant to patch the flaws.
http://news.zdnet.com/2100-1009_22-5555448.html?tag=nl.e589
previously...
Trojan horse threatens latest Windows XP
Online miscreants have released a Trojan horse that can infect computers running Microsoft's Windows XP, installing programs to remotely control a victim's system.
The program--dubbed "Phel," an anagram of "Help"--infects visitors to a maliciously-created Web site through Internet Explorer's Help controls, Symantec warned in an advisory this week. A bug in the malicious program may prevent it from infecting some computers, the security company said.
The Trojan horse exploits a vulnerability, found in October, in how Internet Explorer and Windows XP Service Pack 2 handle help files called from Web pages.
The flaw is unrelated to the recent help-file flaws outed by a Chinese security company last week. In that instance, Microsoft took the Chinese security group to task for disclosing the vulnerability without giving the company a chance to develop a way to fix the problem.
"Microsoft is working to forensically analyze the malicious code in Phel and will work with law enforcement to identify and bring to justice those responsible for this malicious activity," a company spokesperson said.
A patch is not yet available from Microsoft for the October flaw, nor the most recent flaws, but the software giant said its programmers are working on the issue.
"Microsoft is taking this vulnerability very seriously, and an update to correct the vulnerability is currently in development," the spokesperson said. "We will release the security update when the development and testing process is complete, and the update is found to effectively correct the vulnerability."
Microsoft has had significant problems securing its Web browser in 2004. As a result, the freely available open-source browser Firefox has gained market share. Security experts have recommended that computer users consider other browsers and some schools have told their students to use a non-Microsoft browser.
The Symantec advisory can be found on the company's Web site.
http://news.zdnet.com/2100-1009_22-5506709.html